Compare with different regulatory event:
On 6 June 2023, the public consultation closed on the National Information Security Standardization Technical Committee (TC260) draft Practice Guidelines for Network Security Standards - Security Requirements for Personal Information Protection in Facial Recognition Payment Scenarios. The Practice Guidelines were developed in accordance with policies and regulations, aiming to establish personal information protection requirements for both face recognition payment service providers and the management of relevant venues. The Guidelines focus on face recognition payment scenarios in diverse indoor and outdoor environments, excluding those made via personal mobile phones or smart mobile devices. The Guidelines outline general requirements and specific obligations for service providers, including rules for data collection, deletion of facial recognition-related data, compliance with GB/T 40660, and adherence to the General Requirements for Biometric Data Protection. Furthermore, the Guidelines note that facial recognition payment services must collect facial data for payment transaction purposes.
Original source